Re: [squid-users] Digest Ldap Authentication got failed for some user accounts

From: sankar m <debianlinux.ss_at_gmail.com>
Date: Mon, 12 Oct 2009 20:13:16 +0530

Dear Sir,

On Mon, Oct 12, 2009 at 7:51 PM, Henrik Nordstrom
<henrik_at_henriknordstrom.net> wrote:
> Which Squid version?
>

Squid 3.0 STABLE 15.

System kernel and architecture:
2.6.18-6-amd64 #1 SMP Fri Dec 12 05:49:32 UTC 2008 x86_64 GNU/Linux

> mån 2009-10-12 klockan 10:20 +0530 skrev sankar m:
>> Dear Sir,
>>
>> Here are some additional details that may help.
>>
>> Unique authenticated users per proxy     : 315 users/day
>> Proxy utilization per day                           : 20 GB per day
>> Squid Disk cache                                      : Disabled
>>
>> System memory and load status:
>>
>> Mem:   8183880k total,  5938872k used,  2245008k free,   524284k buffers
>> load average: 0.76, 0.65, 0.64
>>
>> System Processor : Intel(R) Xeon(R) CPU          2.83GHz Quad-Core
>> System Memory    : 8 GB
>>
>> Please ask me for any additional information if required.
>>
>> Regards,
>> Sankar.M
>>
>> Squid configured with,
>>
>> # ./configure --prefix=/usr/local/squid
>> --localstatedir=/var/logs/squid --exec-prefix=/usr/local/squid
>> --enable-linux-netfilter --disable-ident-lookups
>> --with-filedescriptors=8192 --enable-snmp --enable-delay-pools
>> --enable-cache-digests --enable-poll --enable-truncate
>> --enable-removal-policies --enable-auth="basic digest"
>> --enable-auth-basic-helpers=squid_radius_auth
>> --enable-digest-auth-helpers=ldap
>>
>>
>> On 10/11/09, Henrik Nordstrom <henrik_at_henriknordstrom.net> wrote:
>> > lör 2009-10-10 klockan 20:23 +0530 skrev sankar m:
>> >
>> >> I'm using "digest_ldap_auth" with "Open Ldap" combination for Digest
>> >> Authentication. It works well, but some users got authentication
>> >> failed. I'm able to get the valid hash from the LDAP server through
>> >> the command line,
>> >
>> > Do these users have any "odd" characters in their password? Digest
>> > unfortunately only works reliably for us-ascii characters.
>> >
>> >> Note that I'm running FIVE squid servers. I successfully authenticated
>> >> with 2nd proxy server using the same user account which got failed
>> >> with the first proxy server. Squid returning the TCP_DENIED/407
>> >> response to the client. Same userid is working when I do restart squid
>> >> (even reconfigure doesn't help), but I feel it is never be a right
>> >> way. After the successful restart, some other accounts are not
>> >> working.
>> >
>> > Which Squid version?
>> >
>> > Regards
>> > Henrik
>> >
>> >
>
>
Received on Mon Oct 12 2009 - 14:43:22 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 14 2009 - 12:00:02 MDT